The names of more than money

The number of incidents of cyber-attacks in Russia increased in the first quarter by almost a third. Meanwhile, an increasing proportion of the attacks with the aim of obtaining information and not an immediate gain, including using social engineering techniques. Data resell on the black market or used for further attacks.

The number of cyber incidents in Russia in the first quarter of 2018 grew by 32% compared to the same level as last year — up to 312 cases, says the report of Positive Technologies (“b”). In this case, attackers were more likely to attack with the aim of obtaining data: the share of such attacks in the first quarter increased to 36% compared to 23% in 2017.

Data can be sold on the black market or use to continue the attack, analysts explain: for example, information about customers can be used to attack already on them. Basically the fraudsters are interested in the personal data (33% of cases), the account and the password for access (28%). The main motive of the attackers remains the receipt of financial benefits (53% of cases).

Indeed, one might get the impression that the attackers most interested in is data, but in the end, in any case it is done for financial gain, says Director of project research of Group-IB Anton Fishman. With the development of shopping in the dark web (the network segments that require for additional software) has become much easier to sell information — this includes industrial espionage, and internal financial documents, and personal data of users, says Mr. Fishman.

The principal methods of attacks: malware (63%), mainly spyware (30%), and mining software, using the power of the infected computer for producing cryptocurrency (23%).